INFORMATION SECURITY POLICY

Information and systems security is strategically important to the company, both for achieving its short- and long-term goals and for safeguarding the privacy of its customers.
PREDICTA S.A., recognizing the critical role of information and information systems in its business operations, implements an Information Security Policy with the aim of:

  • Ensuring the confidentiality, integrity and availability of the information it manages.
  • Ensuring the proper functioning of information systems.
  • Timely response to incidents that may potentially threaten the Company’s business operations.
  • Meeting legislative and regulatory requirements.
  • The continuous improvement of the level of information security.

For this purpose:

  • The organizational structures necessary for monitoring information security issues are defined.
  • The technical measures for controlling and restricting access to information and information systems are established.
  • The method by which information is classified according to its importance and value is specified.
  • The measures required to protect information during processing, storage, and transmission are described.
  • The procedures for informing and training the company’s employees and partners on information security matters are outlined.
  • The processes for responding to information security incidents are identified.
  • The measures that ensure the secure continuation of the company’s business operations in the event of an information system failure or disaster are described.

The Company conducts assessments of the risks related to Information Security at regular intervals and takes the necessary measures to address them. It implements a framework for evaluating the effectiveness of Information Security processes through which performance indicators are defined, the methodology for measuring them is described and periodic reports are produced and reviewed by the Top Management in order to continuously improve the system.

The Information Security Officer is responsible for controlling and monitoring the policies and procedures related to Information Security and taking the necessary initiatives to eliminate all those factors that may compromise the availability, integrity, and confidentiality of the Company’s information.

All employees of the Company and its partners with access to the Company’s information and information systems are responsible for complying with the rules of the applicable Information Security Policy.

PREDICTA S.A. is committed to the continuous monitoring of, and compliance with, the regulatory and legislative framework, as well as to the ongoing implementation and improvement of the effectiveness of its Personal Data Management and Information Security System.

Last updated: 20 May 2025